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RECEIVED 

CENTRAL FAX CENTER 

JUL I 5 2008 

REMARKS /ARGUMENTS JWU ? 



This Amendment is submitted in response to the non- 
final Office Action dated April 29, 2008. The deadline 
for responding is July 29, 2008. 



I. Introduction 

The Examiner found that claims 2, 4, 10, 18, 22, 23, 
28, and 29 would be allowable if rewritten in independent 
form. Claims 2, 4, 10, 18, 22, and 28 have been amended 
accordingly. Claims 5, 6, 11, 12, 19, 23, 24, and 29 are 
therefore also allowable as they depend from the 
allowable amended claims. Applicant thanks the Examiner 
for this finding of allowability. Applicant respectfully 
declines to amend claim 30 as suggested, as such 
amendment would narrow the claim unnecessarily. No new 
matter has been added. Claims 1-32 are therefore pending 
in the application. 

Claims 1, 3, 5, 7-9, 11, 12, 14-17, and 31 stand 
rejected under 35 U.S.C. 102(e) as being anticipated by 
U.S. Patent Publication No. 20040039938 to Katz et al . 
(hereinafter "the Katz et al. publication") . Claim 6 
stands rejected under 35 U.S.C. 103(a) as being 
unpatentable over the Katz Publication in view of a U.S. 
Patent Publication to Bearden et al. (hereinafter "the 
Bearden et al . publication") . The reference nuanber in 
the Office Action (20020112073) is the McLampy 
publication (see below) ♦ Applicant respectfully requests 
that if the Examiner continues to rely on the Bearden et 
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al. reference to reject claims, that a corrected 
reference number be provided to Applicant. 

Claims 13, 19, and 32 stand rejected under 35 U.S.C. 
103(a) as being unpatentable over the Katz et al . 
publication in view of Patent Publication No. 20020112 073 
to McLampy et al. (hereinafter "the McLampy et al . 
publication") . 

Claims 20, 21, 25, 26, and 27 stand rejected under 
35 U.S.C. 103(a) as being unpatentable over the Katz et 
al. publication in view of Patent Publication No. 
20030195861 to McClure et al. {hereinafter "the McClure 
et al . publication"}. 

Claim 24 stands rejected under 35 U.S.C. 103(a) as 
being unpatentable over the Katz et al. . publication and 
the McClure et al . publication and further in view of the 
Bearden et al . Publication and the McLampy et al. 
publication . 

As will be discussed below, none of the pending 
claims, as amended, are anticipated or rendered obvious 
by the applied references. 

II. Claims 1, 3, 5, 7-9, 11, 12, 14-17, 30, and 3i 
are Patentable Under §102 and/or §103 

As indicated in the Introduction above, claims 5, 
11, and 12 are presently allowable as being dependent on 
amended allowable claims. 

Claim 1 recites the features [emphasis added] : 

A method of testing a firewall comprising: 
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transmitting at least one of a session 
initiation signal to initiate a communications 
session through said firewall and a session 
termination signal used to terminate an 
established communications session; and 

monitoring to determine from the time of at 
least one said transmitted signal at least one 
of a port opening delay which occurs in regard 
to a session initiation signal and opening a 
port in said firewall for a communications 
session that is being initiated^ and a port 
closing delay which occurs in regard to a 
session termination signal and closing a port 
in said firewall when terminating an 
established communications session. 

The Katz et al. publication discloses, at paragraph 
[0024] lines 1-5 (emphasis added) : 

"Ref erring to step 115, the client can measure 
the network latency between the client and the 
server. As defined herein, network latency is an 
expression of how much time it takes a packet of 
data to get from one designated point to 
another. " 

. Further in the paragraph, at linesl3-15: 

"The round-trip network latency can be computed 
as the difference between the send time and the 
receive time." 

Then , at paragraph [0028], at lines 8-11 (emphasis 
added) : 

"The open port duration can be re-calculated 

with each new network latency measurement or 
when the network latency varies more than a 
predetermined percentage or amount . " 



The Examiner states on p. 3 of the Office Action 
that "A delay is defined as the time period between two 
events". Applicant agrees with this definition. The 
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question then becomes, "What are the two events?" The 
Examiner goes on to state "Namely, for the opening of a 
port event, the delay is the time period between a closed 
port state and an open port state". Again, Applicant 
agrees that this is one "delay" associated with a port 
opening (let's call this "Delay 1"). 

Next, the Examiner states: "The Katz prior art 
discloses a time calculation for opening a port and 
closing a port." The Katz et al . publication states: "In 
particular, the present invention provides a solution for 
dynamically varying the timing of port openings and 
closings according to a latency value to optimize the 
time duration that ports are open" ([0013] lines 5-9). 
The two events for "the time duration that ports are 
open" is the opening of the port and the closing of the 
port. Let's call this "Delay 2". Again in [0014], lines 
7-8: "...the server can compute the open port duration". 
Further, in [0027] lines 5-10 (emphasis added): 

* 

"Importantly, referring to decision block 130 and step 
135, the network open port duration can be used to time 
port openings and closings so that the client and server 
remain synchronized until a communications session is 
complete. For example, the time a port is open can be 
monitored." Finally, in [0030] lines 1-7 (emphasis 
added) : "In consequence, the port openings and closings 
can be timed using a dynamically changing open port 
duration to keep the port openings and closings optimized 
for the network environment. For example, if the network 
becomes congested and network latencies begin to 
increase, a new open port duration can be computed and 
shared between the client and the server." 
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Another "delay" in the Katz et al ■ publication is 
w round-trip latency". It's defined in [0014] lines 5-7: 
"...the round-trip latency also can specify a time the 
client sends a request and a time the client receives a 
response to the request". Let's call this "Delay 3", 
where the two events are "sends a request" and "receives 
a response to the request". 

Two other "delays" can be found in Applicant's claim 

« 

1, namely: 

monitoring' to determine from the time of at 
least one said transmitted signal at least one 
of a port opening delay which occurs in regard 
to a session initiation signal and opening a 
port in said firewall for a communications 
session that is. being initiated^ and a port 
closing delay which occurs in regard to a 
session termination signal and closing a port 
in said firewall when terminating an 
established communications session 

Let's call one of these "Delay 4", where the two 
events are: "a session initiation signal" and "opening a 
port"; and "Delay 5", where the two events are: "a 
session termination signal" and "closing a port". 

The Examiner's "Delay 1" is not found in any of the 
references, nor in the instant invention. Similarly, 
"Delay 2" and "Delay 3" are found in the Katz et al . 
publication, but not in the instant application. 
Further, "Delay 4" and "Delay 5" are recited in claim l f 
but not in the Katz et al . publication. There is no 
"session initiation signal" and no "session termination 

i 

signal" disclosed in the Kat2 et al. publication. 
Further, measuring the time between a "session initiation 
signal" and "opening a port" is not taught or suggested 
in the Katz et al . publication (nor in any of the cited 
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references. Measuring the time between a "session 
termination signal" and ^closing a port" is likewise not 
taught or suggested in the Katz et al. publication (nor 
in any other cited reference) . 

The Examiner states on p. 3 of the Office Action: 
"The Katz prior art discloses a time calculation for 
opening a port and closing a port. This time calculation 
includes a time delay portion calculation" . This is 
true, but it is a description of "Delay 2" or "Delay 3", 
not "Delay 4" or M Delay 5". The former are in the Katz 
et al, publication, and the latter are in claim 1. The 
Examiner goes on to state: "Katz discloses the 
calculation of multiple types of delay and an opening and 
closing delay is well known in the art." It is of note 
that the Examiner acknowledges that there are ^multiple 
types of delay" . Applicant again agrees that the Katz et 
al . publication teaches multiple delays ("Delay 2" and 
"Delay 3", for example) . However, none of the cited art 
teaches or suggests "Delay 4" or "Delay 5", as found in 
claim 1. 

Further on p, 3 of the Office Action, the Examiner 
states that "The applicant states that Katz does not 
disclose 'monitoring' on page 13, line 3". Applicant 
cannot find a statement to the effect that "Katz does not 
disclose v monitoring r " . The question, as argued above, 
is what is being monitored in the Katz et al . publication 
compared to claim 1 . 

On p. 4 of the Office Action, the Examiner states: 

"In order to adjust a value, the current state 
of a value namely the delay time (time period 
between closed and opened states or between 
opened and closed states) must first be 
determined, and then the value can be adjusted. 
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The Katz prior art discloses the determination 
of a port opening time period and a port closing 
time period. The delay value is the time period 
for a transition from one state to the next 
state . " 

It appears that the Examiner is again referring to 
"Delay 1". First, that is not the only delay involving 
opening or closing a port. Second, the "delay" referred 
to be the Examiner ("the time period for a transition 
from one state to the next state") is not measured or 
discussed in the Katz et al . publication (nor recited in 
claim 1) . 

In paragraph 3.3 on p. 4 of the Office Action the 
Examiner refers to "session signaling". Applicant cannot 
find this terminology in any of the cited references in 
the Katz et al . publication, and therefore cannot respond 

to this contention. 

For at least these reasons, claim 1 is patentable 
over the Katz et al* publication. 

Claim 3 , for at least the reason of being dependent 
on allowable claim 1, is therefore also patentable over 
the Katz et al. publication. 

The Examiner states on p. 6 of the Office Action 
regarding claim 3 that the Katz et al. publication shows 
"port closing delay" at [0014] lines 2-8 and/or [0024] 
lines 5-9- However, neither of these references mentions 
or describes u port closing delay" , at least as found in 
claim 3 , 

Claim 7 recites the feature [emphasis added] : 

i 

measuring a port closing delay time 
associated with the closing of said at least 
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one port following the transmission of said 
signal to terminate said communications session 

0 

As discussed above, the Katz et al. publication does 
not teach or suggest a port closing delay time, where the 
two events are a * signal to terminate said communications 
session" and a "port closing time" . 

Again, the Examiner states on p. 7 of the Office 
Action that the Katz et al. publication shows "port 
opening delay" and "port closing delay". However, as 
found in claim 7, the Katz et al . publication does not 
differentiate between a "signal to terminate said 
communications session" and "the closing of said at least 
one port"; therefore it doesn't teach or suggest 
measuring the time between these two events, and 
therefore doesn't teach or suggest "port closing delay 
time" . 

For at least this reason, claim 7 is patentable over 
the Katz et al, publication. 

Claims 8, 9, and 13 / for at least the reason of 
being dependent on allowable claim 7, are therefore also 
patentable over the Katz et al» publication. 

Regarding claim 8, the Examiner again states on p. 7 
of the Office Action that the Katz et al. publication 

■ 

shows "port closing delay determination" at [0024] lines 
6-9. This reference refers to network latency, not port 
closing delay. 

Claim 8 is additionally patentable over the cited 
reference as it recites the further feature: 

wherein said port closing delay is a time 
period which occurs between the time a signal 
used to cause the closing of the port is 
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detected and said port ceases to allow 
communications signals to pass through from the 
first side of said firewall to the second side 
of said firewall 

Again, the Katz et al. publication discloses timing 
port openings and closings, whereas claim 8 discloses: a 
"port closing delay", which is further defined as: "a 
time period which occurs between the time a signal used 
to cause the closing of the port is detected and said 
port ceases to allow communications signals to pass 
through from the first side of said firewall to the 
second side of said firewall". 

There is no mention or suggestion in the Katz et al . 
publication of determining when a signal to cause the 
closing of the port is detected", nor of the time that 
"said port ceases to allow communications signals to pass 
through", or to measure the time period -between those two 
events - 

Further, there is no teaching or suggestion of 
"determining when a signal to cause the closing of the 
port is detected", nor of the time that "said port ceases 
to allow communications signals to pass through", or to 
measure the time period between those two events . 

For at least these additional reasons, claim 8 is 
patentable over the cited reference. 

Regarding claim 9, the Examiner states on p. 8 of 
the Office Action that the Katz et al . publication 
discloses "test signals" at [0024] lines 5-9. Applicant 
cannot find any reference to "test signals" in that cited 
passage . 
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It should be noted that the McLarnpy et al. 
publication does not supply any of the above noted 
deficiencies in the Katz et aL publication reference 
regarding claims 7, 8/ 9, or 13. 

* 

Claim 14 recites the feature [emphasis added] : 

determining a time wizen said test signals 
first pass through, said at least one port, said 
at least one port being opened in response to 
said signal to initiate a communications 

session; and 

determining a port opening delay which 
occurs in regard to opening a port in said 
firewall for said communications session from 
said determined time 

The Examiner cites the same passages in the Katz et 
al. publication regarding claims 14-17 as cited against 
claims 1, 3, 7 , 8, and 9. For the reasons given above in 
relation to those claims, claims 14-17 are patentable 
over the Katz et al. publication. Claims 15-17 , for at 
least the additional reason of being dependent on 
allowable claim 14, are also patentable over the Katz et 
al* publication. 

It should be noted that the McLarnpy et al . 
publication does not supply any of the above noted 
deficiencies in the Katz et al. publication reference. 

Claim 30 recites the features [emphasis added] : 

transmitting session termination signals 

used to control the termination of 
communications sessions through said firewall 
at an increasing rate; and 

measuring the effect of the increasing rate 
of session termination signals on port closing 
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dslaya associated with the termination of 
communications sessions through said firewall. 

The Examiner does not state the reason for rejecting 
claim 30, However, in a previous Office Action, the 
Examiner cited paragraph 0013, lines 5-9 to support 
* transmitting session signals at an increasing rate" . 
However, the citation reads: "In particular, the present 
invention provides a solution for dynamically varying the 
timing of port openings and closings according to a 
latency value to optimize the time duration that ports 
are open". There is no mention of "transmitting session 
termination signals ...at an increasing rate" or of 
"measuring the effect of the increasing rate" on "port 
• closing delays" . The reference is to change the duration 

of port openings. 

The Examiner went on to cite paragraph 0030, lines 
1-4 [emphasis added] : "In consequence, the port openings 
and closings can be timed using a dynamically changing 
open port duration to keep the port openings and closings 
optimized for the network environment". Again, there is 
no mention of "transmitting session termination signals 
...at an increasing rate" or of "measuring the effect of 
the increasing rate" on "port closing delays". The 
reference is to change the duration of port openings. 

* 

The Examiner went on to cite paragraph 0034, lines 
1-5 (see citation above) , which refers to "monitoring 
network latency" to "dynamically adjust the open port 
duration" . There is no mention of "transmitting session 
termination signals ...at an increasing rate" or of 
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"measuring the effect of the increasing rate" on "port 
closing delays". 

For at least these reasons, claim 30 is patentable 
over the Katz et al, publication. 

Claims 31-32 , for at least the reason of being 
dependent on allowable claim 30, are therefore also 
patentable over the Katz et al. publication. 

Regarding claim 31, the Examiner refers on p. 10 of 
the Office Action to [0024] lines 5-9, and [0025] lines 
7-9. These refer to "network latency", not to 
"determining the session signal rate which results in a 
maximum acceptable port closing delay being exceeded" . 

It should be noted that the McLampy et al. 
publication does not supply any of the above noted 
deficiencies in the Katz et al . publication reference. 

III. Claim 6 is Patentable Under §102 and/or §103 

Claim 6 stands rejected under the Katz et al. 
publication in view of the Bearden et al . publication. 
As claim 6 is dependent on allowable claim 4, as amended, 
claim 6 is thereby allowable. 

IV. Claims 13, 19, and 32 are 
Patentable Under §102 and/or §103 

Claims 13, 19, and 32 stand rejected under 35 U.S.C. 
103 (a) as being unpatentable over the Katz et al. 
publication in view of the McLampy et al . publication. 
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Claim 13 is allowable at least as being dependent on 
allowable claim 7 , as argued above in relation to claim 

4 

7 . 

As claim 19 is dependent on allowable claim 18, as 
amended, claim 19 is thereby allowable. 

« 

Claim 32 is allowable at least as being dependent on 
allowable claim 30, as argued above in relation to claim 
30. 

V. Claims 20, 21, 25, 26, and 27 

are Patentable Under S102 and/or §103 



Claims 20 , 21, 25, 26, and 27 stand rejected under 
35 U.S.C. 103(a) as being unpatentable over the Katz et 
al . publication in view of the McClure et al . 
publication . 

Claim 20 recites the feature [emphasis added] : 

an analysis module for determining at least 
a port closing delay from a session signal time 
and a time probe signals are detected to stop 
passing through a port in said firewall 
corresponding to an initiated communications 
session . 

As discussed above, the Katz et al. publication does 
not teach or suggest "port closing delay", for any 
purpose, but certainly not by determining the time from 
u a session signal time" and a "time probe signals are 
detected to stop passing through a port". 

-26- 
PAGE 29/34 • RCVD AT 7/15/2008 5:51:47 PM [Eastern Daylight Time] * SVR:USPTO-EFXRF^/20 - DNIS:2738300 • CSID:17329361401 » DURATION (mm-ss):0B-54 



07/15/2008 17:58 FAX 17329361401 



121030/034 



The Examiner states on p. 13 of the Office Action 
that the Katz et al . publication discloses "detected to 
stop passing through a port in said firewall". Applicant 
can find no reference in the listed citations to 
"detecting" any signal "passing through a port", and 
certainly no reference to detecting that a signal has 
stopped passing through a port in a firewall. 

The Examiner goes on to cite the McClure et al . 
publication. However, the McClure et al . publication does 
not monitor "port closing delay". For example, at 
paragraph 0162, lines 3-5: "the ICMP scanning process 
sends 100 ICMP echo requests and monitors responses and . 
time-outs." There is no determination of the time from 
"a session signal time" and a "time probe signals are 
detected to stop passing through a port". 

The Examiner goes on to cite paragraph 0171, lines 
1-4: "For each open TCP port located during the service 
discovery phase, a TCP data probe is sent to that port if 
the port is known to by typically associated with a 
particular service." Again, there is no timing of port 
delays. 

The Examiner next cites paragraph 0172, lines 1-4, 
which also doesn't teach or suggest determination of the 
time from "a session signal time" and a "time probe 
signals are detected to stop passing through a port". The 
cited portion states: "For each UDP port discovered 
during the service discovery phase, a similar UDP data 
probe is. sent to each UDP port on the target computer 
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known to be typically associated with a service." Sending 
a probe out will not result in a determination of "port 
opening delays" or "port closing delays", but will simply 
identify which ports are open or closed at any given 
time. 

Therefore, since neither the Katz et al . publication 
nor the McClure et al. publication teach or suggest the 
features of claim 20, no combination of the references 
could do so. 

For at least these reasons, claim 20 is patentable 
over the Katz et al. publication in conjunction with the 
McClure et al, publication. 

Claim 21 , for at least the reason of being dependent 
on allowable claim 20, is therefore also patentable over 
any combination of the cited references. 

Claim 25 recites the feature [emphasis added] : 

a test signal analyzer for detecting probe 
signals passing through said first side of said 
firewall to said second side of said firewall 
and for determining port closing delays as 
measured from the time the test signal analyzer 
detects a signal used to close a port in said 
firewall and said analyzer ceases to detect 
test signals passing through said firewalls 

As discussed above, the Katz et al, publication does 
not teach or suggest ^determining port closing delays" or 
measuring the "time the test signal analyzer detects a 
signal used to close a port in said firewall and said 

analyzer ceases to detect test signals passing through 

■> 

said firewall" . 
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Also as discussed above in relation to claim 20, 
there is no reference in the Katz et ajU publication to 
"ceases to detect test signals passing through said 
firewall" (p. 16 of the Office Action) . 

The Examiner cites the McClure et al - publication in 
conjunction with the Katz et al. publication. As 
discussed above, the McClure et al . publication does not 
monitor "port closing delays". For example, at paragraph 
0162, lines 3-5: "the ICMP scanning process sends 100 
ICMP echo requests and monitors responses and time-outs." 
There is no determination of the time from "a session 
signal time" and a "time the test signal analyzer detects 
a signal used to close a port in said firewall and said 
analyzer ceases to detect test signals passing through 
said firewall". 

* 

The Examiner goes on to cite paragraph 0171, lines 
1-4: "For each open TCP port located during the service 
discovery phase, a TCP data probe is sent to that port if 
the port is known to by typically associated with a 
particular service." Again, there is no timing of port 
delays . 

The Examiner next cites paragraph 0172, lines 1-4: 
"For each UDP port discovered during the service 
discovery phase, a similar UDP data probe is sent to each 
UDP port on the target computer known to be typically 
associated with a service." Sending a probe out will not 
result in a determination of "port opening delays" or 
"port closing delays", but will simply identify which 
ports are open or closed at any given time. 
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For at least these reasons, claim 25 is patentable 
over the Katz et al- publication in conjunction with the 
McClure et al» publication. 

Claims 26 and 27 , for at least the reason of being 
dependent on allowable claim 25, are therefore also 

any combination of the cited 



VT . Conclusion 

In view of the foregoing amendment and remarks, it 
is respectfully submitted that the pending claims are in 
condition for allowance. Accordingly, it is requested 
that the Examiner pass this application to issue. 

If there are any outstanding issues which need to be 
resolved to place the application in condition for 
allowance the Examiner is re<juested to call (732-542- 
9070) and schedule an interview with Applicant's 
undersigned representative. To the extent necessary, a 
petition for extension of time under 37 C-F.R. 1.136 is 
hereby made and any required fee in regard to the 
extension or this amendment is authorized to be charged 
to the deposit account of Straub & Pokotylo, deposit 
account number 50-1049. 

None of the statements or discussion made herein are 
intended to be an admission that any of the applied 
references are prior art to the present application and 
Applicants preserve the right to establish that one or 
more of the applied references are not prior art. 
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Respectfully submitted, 




July 15, 2008 

Michael P. Straub Attorney 
Reg. No. 36,941 
Tel.: (732) 542-9070 

CERTIFICATE OF FACSIMILE TRANSMISSION 

I hereby certify that this paper (and any 
accompanying paper (s) ) is being facsimile transmitted to 
the United States Patent Office on the date shown below. 

Michael P. Straub 

Type or ^rint name of person signing certification 

July 15, 2008 



Signature Date 
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